Custom Rules
WAF custom rules allow you to define specific conditions and actions to inspect and control incoming web traffic. They enable fine-grained protection tailored to your application’s needs, beyond what the managed WAF provides. You can create rules based on attributes such as IP addresses, headers, query parameters, or request body content. Custom rules help block malicious traffic, enforce business logic, and mitigate attacks that are unique to your application. They provide flexibility and control, ensuring your security policies match your specific requirements.
Order of Execution
Custom rules are executed in their defined order. If a request matches a custom rule condition, the rule’s action is applied. If the action is a terminating action (Allow or Block), then:
- Subsequent custom rules will not be executed.
- Rate limit rules will not be executed.
- The managed WAF will still be executed, but its action will be ignored.
If the action is Log or Bypass, the following rules will continue to execute in the defined order.
Adding a Custom Rule
You can have multiple custom rules in your service. Each rule is defined with a condition and an action to take when a request meets the condition.
To add a custom rule to your service:
- Navigate to your service.
- In the sidebar, select Security and then select WAF.
- Click on the Create button.
- Fill out the new custom rule form:
- Rule Name – Enter the name of the new rule.
- Condition – Define the condition that determines which requests the rule applies to. You can create complex rules with
ORandANDoperators. - Action – Select the action to take on requests that match the condition.
- Click on Save.
Updating & Deleting a Custom Rule
To modify or delete a custom rule in your service:
- Navigate to your service.
- In the sidebar, select Security and then select WAF.
- Find the custom rule you want to update or delete, then click the Edit icon to modify it, or the Delete icon to remove it.